Mobile electronic devices such as the Apple iPad or iPhone and similar Android-based devices are generally known. The manufacturers of such devices have provided for security of information within such devices including encrypting of the materials within the file system and a means of locally or remotely resetting the device to its factory settings. However, these means for protecting sensitive information are generally inadequate.
In general, all files stored on the iPad's file system are AES hardware encrypted. iOS decrypts the files at access-time, using a key stored on the device. Even with a device password, unless the app uses the Data Protection API, the files on the device are not secured. The positive side of the full disk encryption is that once the keys are removed (e.g. by doing a remote wipe), the data is virtually unrecoverable.
Applications which use the Apple Data Protection rely on the device's hardware encryption to encrypt the application data. Even though this is an improvement on previous Apple security implementations, there are several limitations to this approach. First, it relies on the user's device passcode which may be very weak (default is a 4 digit pin), and can therefore be brute forced relatively easily and second, the “Escrow Keybag” weakness means that if a user's computer is obtained along with the mobile device, it will be much easier to decrypt the user's protected data. Accordingly, a need exists for better security on such devices.